Thank you, Miklos, for all your detailed answers.
-----Original Message----- From: Miklos Balint Miklos.Balint@arm.com Sent: Thursday, May 2, 2019 3:46 PM To: Andrej Butok andrey.butok@nxp.com; tf-m@lists.trustedfirmware.org Cc: nd nd@arm.com Subject: [EXT] RE: NS application privilege mode
Caution: EXT Email
Hi Andrej,
TF-M has no requirement on NS thread execution being unprivileged, nor is it mandated by PSA. It is one of a set of measures that make non-secure thread isolation possible, reduce attack surface and provide a degree of tolerance against programming errors, but its absence does not invalidate the security measures provided by TF-M, so it is a fully valid implementation to make NSPE a single protection domain and all non-secure code execution privileged.
Regards Miklos
-----Original Message----- From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Andrej Butok via TF-M Sent: 02 May 2019 14:19 To: TF-M@lists.trustedfirmware.org Subject: [TF-M] NS application privilege mode
Hello,
May a non-secure TFM user application stay in the privilege mode after start-up? It's needed, as some system registers are accessible only in the privilege mode. Asking, because the TFM NS Musca start-up code is switching to the unprivileged mode from very beginning: MRS R0, control ; Get control value ORR R0, R0, #1 ; Select switch to unprivilage mode ORR R0, R0, #2 ; Select switch to PSP MSR control, R0 Hope, it is not mandatory.
Thanks, Andrej Butok
-- TF-M mailing list TF-M@lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.trus...